factor out sources from flake stuff

Split nameservers between IPv4 and IPv6 (#420 )
Reviewed-on: Fediversity/Fediversity#420 Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com> Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-07-01 13:31:06 +02:00 · 2025-07-01 13:09:06 +02:00
6 changed files with 26 additions and 13 deletions
--- a/deployment/check/basic/flake-part.nix
+++ b/deployment/check/basic/flake-part.nix
@ -2,6 +2,7 @@
  self,
  inputs,
  lib,
+  sources,
  ...
 }:

@ -27,7 +28,9 @@ in
          ../common/nixosTest.nix
          ./nixosTest.nix
        ];
-        _module.args.inputs = inputs;
+        _module.args = {
+          inherit inputs sources;
+        };
        inherit targetMachines pathToRoot pathFromRoot;
      };
    };
@ -44,7 +47,9 @@ in
          inputs.nixops4-nixos.modules.nixops4Resource.nixos
          ../common/targetResource.nix
        ];
-        _module.args.inputs = inputs;
+        _module.args = {
+          inherit inputs sources;
+        };
        inherit nodeName pathToRoot pathFromRoot;
        nixos.module =
          { pkgs, ... }:
--- a/deployment/check/common/deployerNode.nix
+++ b/deployment/check/common/deployerNode.nix
@ -3,6 +3,7 @@
  lib,
  pkgs,
  config,
+  sources,
  ...
 }:

@ -14,8 +15,6 @@ let
    types
    ;

-  sources = import ../../../npins;
-
 in
 {
  _class = "nixos";
--- a/deployment/check/common/nixosTest.nix
+++ b/deployment/check/common/nixosTest.nix
@ -3,6 +3,7 @@
  lib,
  config,
  hostPkgs,
+  sources,
  ...
 }:

@ -61,7 +62,9 @@ in
      {
        deployer = {
          imports = [ ./deployerNode.nix ];
-          _module.args.inputs = inputs;
+          _module.args = {
+            inherit inputs sources;
+          };
          enableAcme = config.enableAcme;
          acmeNodeIP = config.nodes.acme.networking.primaryIPAddress;
        };
--- a/flake.nix
+++ b/flake.nix
@ -31,6 +31,9 @@
          inherit nixpkgs;
        };
        self = self';
+        specialArgs = {
+          inherit sources;
+        };
      }
      (
        { inputs, ... }:
--- a/infra/common/nixos/networking.nix
+++ b/infra/common/nixos/networking.nix
@ -21,13 +21,8 @@ in
        ## REVIEW: Do we actually need that, considering that we have static IPs?
        useDHCP = mkDefault true;

-        nameservers = [
-          "95.215.185.6"
-          "95.215.185.7"
-          "2a00:51c0::5fd7:b906"
-          "2a00:51c0::5fd7:b907"
-        ];
-
+        ## Disable the default firewall and use nftables instead, with a custom
+        ## Procolix-made ruleset.
        firewall.enable = false;
        nftables = {
          enable = true;
@ -44,6 +39,10 @@ in
          address = config.fediversityVm.ipv4.gateway;
          interface = config.fediversityVm.ipv4.interface;
        };
+        nameservers = [
+          "95.215.185.6"
+          "95.215.185.7"
+        ];
      })

      ## IPv6
@ -55,6 +54,10 @@ in
          address = config.fediversityVm.ipv6.gateway;
          interface = config.fediversityVm.ipv6.interface;
        };
+        nameservers = [
+          "2a00:51c0::5fd7:b906"
+          "2a00:51c0::5fd7:b907"
+        ];
      })
    ];
  };
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -1,6 +1,7 @@
 {
  inputs,
  lib,
+  sources,
  ...
 }:

@ -13,7 +14,6 @@ let
    filterAttrs
    ;
  inherit (lib.attrsets) genAttrs;
-  sources = import ../../npins;

  ## Given a machine's name and whether it is a test VM, make a resource module,
  ## except for its missing provider. (Depending on the use of that resource, we